Have you fallen victim to one of the most common PCI myths? Discover the top 7 examples that could be putting your business at risk…
Being responsible for PCI DSS compliance is a huge responsibility.
With more and more opinion articles being published online, it’s easy to be misguided into believing information that could put your business’ reputation at high risk.
To help you avoid making these mistakes, we’ve uncovered the top 7 common myths about PCI compliance that you should ignore…
PCI DSS Compliance applies to anybody that will take or transfer cardholder information.
The size of your business, or the number of transactions you handle, does not play a part in whether or not you must comply with PCI regulations. Nobody is exempt.
Although outsourcing can simplify the transaction process, it doesn’t mean that your business is automatically protected from risk.
You are responsible for ensuring your outsourcer complies with PCI regulations, as well as reviewing your own policies and procedures to avoid any data being held onto when processing refunds or chargebacks internally.
Never become completely reliant on someone else to manage your PCI compliance.
You’re not an e-commerce company, so you don’t think PCI DSS applies to your business? You’re putting your business at risk. In fact, card-present transactions are often seen as at higher risk of heavy fines or compensation payouts than e-commerce.
If your business processes or stores any sort of cardholder information, you must be PCI compliant.
In order to be compliant with PCI, you must pass 100% of the requirements. Being compliant is a necessity, but covering 100% of the standard's requirements is just the starting point when it comes to protecting your business and the data you handle.
Just because someone has provided you with their credit card details in order to make a purchase, this doesn't mean you are able to keep these details to benefit your business.
Not only would keeping unnecessary records of cardholder data breach PCI security, it would also potentially violate data protection laws in the UK.
According to PCI requirements, it is forbidden to store:
With GDPR coming into play this year, it has never been more important to review the way you are handling and cleansing your data. Discover if you are asking the right questions when it comes to handling your data...
The days of relying on notifications and date ranges for compliance are long gone. It is no longer viable to wait for your outsourcers, suppliers or bank to inform you of a problem.
Compliance is an ongoing procedure. One slip up could cost your business!
Staying on top of the 12 vital PCI compliance requirements can seem like a daunting task, especially if you’re a smaller business without a dedicated team. But it doesn’t have to be difficult.
If you feel that you’re struggling to keep on top of strict processes, procedures and monitoring, why not consider investing in cost-effective and PCI compliant card processing software?
To learn more about how cardassure can help eliminate the stresses of ensuring PCI compliance within your business, download our free brochure.